GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
39 advisories
An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a...
Low | Unreviewed | CVE-2023-31044 was published Mar 3, 2026

A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the...
Low | Unreviewed | CVE-2026-2964 was published Feb 23, 2026

OpenClaw Affected by Remote Code Execution via System Prompt Injection in Slack Channel Descriptions
Low | CVE-2026-24764 was published for openclaw (npm) Feb 17, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in PickPlugins Job Board...
Low | Unreviewed | CVE-2025-58827 was published Sep 5, 2025

A flaw was found in GLib. A denial of service on Windows platforms may occur if an application...
Low | Unreviewed | CVE-2025-4056 was published Jul 28, 2025

Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution
Low | CVE-2025-5321 was published for aim (pip) May 29, 2025

Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper...
Low | Unreviewed | CVE-2025-23376 was published Apr 28, 2025

Apereo CAS code injection vulnerability
Low | CVE-2025-3984 was published for org.apereo.cas:cas-management-webapp-support (Maven) Apr 27, 2025

Apache Kylin Code Injection via JDBC Configuration Alteration
Low | CVE-2025-30067 was published for org.apache.kylin:kylin (Maven) Mar 27, 2025

A vulnerability, which was classified as problematic, was found in lmxcms 1.41. Affected is an...
Low | Unreviewed | CVE-2025-1465 was published Feb 19, 2025

An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021...
Low | Unreviewed | CVE-2021-41527 was published Feb 7, 2025

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote...
Low | Unreviewed | CVE-2024-28811 was published Sep 30, 2024

Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options...
Low | Unreviewed | CVE-2024-8258 was published Sep 10, 2024

Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due...
Low | Unreviewed | CVE-2024-22123 was published Aug 12, 2024

A potential JSON injection attack vector exists in PingFederate REST API data stores using the...
Low | Unreviewed | CVE-2024-21832 was published Jul 10, 2024

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by...
Low | Unreviewed | CVE-2024-3995 was published Jun 29, 2024

In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by...
Low | Unreviewed | CVE-2024-0325 was published Feb 2, 2024

The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This...
Low | Unreviewed | CVE-2023-33229 was published Jul 26, 2023

Improper Control of Generation of Code ('Code Injection') in mdx-mermaid
Low | CVE-2022-36036 was published for mdx-mermaid (npm) Aug 31, 2022

cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
Low | Unreviewed | CVE-2018-20896 was published May 24, 2022

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3,...
Low | Unreviewed | CVE-2010-3172 was published May 17, 2022

(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in...
Low | Unreviewed | CVE-2012-3355 was published May 17, 2022

CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before...
Low | Unreviewed | CVE-2013-2950 was published May 17, 2022

CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere...
Low | Unreviewed | CVE-2013-3998 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.